static async Task TestOneAsync(Tuple <string, int> hostAndPortTuple, string sni, int certType, CancellationToken cancel = default)
{
await using var sock = await LocalNet.ConnectIPv4v6DualAsync(new TcpConnectParam (hostAndPortTuple.Item1, hostAndPortTuple.Item2));
await using var sslSock = await sock.SslStartClientAsync(new PalSslClientAuthenticationOptions (sni, true), cancel);
var serverCert = sslSock.Info.Ssl.RemoteCertificate !;
if (serverCert.PkiCertificate.VerifySignedByCertificate(TestCert_00_TestRoot_RSA1024_SHA1_Expired.PrimaryCertificate) == false)
{
throw new CoresLibException("VerifySignedByCertificate error.");
}
if (certType == 0)
{
if (serverCert.HashSHA1._IsSameHex(TestCert_01_TestHost_RSA1024_SHA1_2036.DigestSHA1Str) == false)
{
throw new CoresLibException("TestCert_01_TestHost_RSA1024_SHA1_2036 hash different.");
}
}
else
{
if (serverCert.HashSHA1._IsSameHex(TestCert_02_TestHost_RSA4096_SHA256_2099.DigestSHA1Str) == false)
{
throw new CoresLibException("TestCert_02_TestHost_RSA4096_SHA256_2099 hash different.");
}
}
}
public static async Task TestSslSniCertSelectionAsync(string hostPort, CancellationToken cancel = default)
{
bool isSelf = hostPort._IsSamei("self");
CgiHttpServer?webServer = null;
if (isSelf)
{
hostPort = $"127.0.0.1:{Consts.Ports.SslTestSuitePort}";
webServer = CreateTestCgiHttpServer();
}
var hostAndPortTuple = hostPort._ParseHostnaneAndPort(443);
try
{
// ポートに接続できるようになるまで一定時間トライする
await TaskUtil.RetryAsync(async c =>
{
await using var sock = await LocalNet.ConnectIPv4v6DualAsync(new TcpConnectParam(hostAndPortTuple.Item1, hostAndPortTuple.Item2));
await using var sslSock = await sock.SslStartClientAsync(new PalSslClientAuthenticationOptions(true), cancel);
return(true);
},
1000,
60,
cancel,
true);
await TestOneAsync(hostAndPortTuple, "old", 0, cancel);
await TestOneAsync(hostAndPortTuple, "new", 1, cancel);
public static async Task <WebSocket> ConnectAsync(string uri, WebSocketConnectOptions?options = null, CancellationToken cancel = default)
{
if (options == null)
{
options = new WebSocketConnectOptions();
}
Uri u = new Uri(uri);
int port = 0;
bool useSsl = false;
if (u.Scheme._IsSamei("ws"))
{
port = Consts.Ports.Http;
}
else if (u.Scheme._IsSamei("wss"))
{
port = Consts.Ports.Https;
useSsl = true;
}
else
{
throw new ArgumentException($"uri \"{uri}\" is not a WebSocket address.");
}
if (u.IsDefaultPort == false)
{
port = u.Port;
}
ConnSock tcpSock = await LocalNet.ConnectIPv4v6DualAsync(new TcpConnectParam(u.Host, port, connectTimeout : options.WebSocketOptions.TimeoutOpen, dnsTimeout : options.WebSocketOptions.TimeoutOpen), cancel);
try
{
ConnSock targetSock = tcpSock;
try
{
if (useSsl)
{
SslSock sslSock = new SslSock(tcpSock);
try
{
options.SslOptions.TargetHost = u.Host;
await sslSock.StartSslClientAsync(options.SslOptions, cancel);
targetSock = sslSock;
}
catch
{
sslSock._DisposeSafe();
throw;
}
}
WebSocket webSock = new WebSocket(targetSock, options.WebSocketOptions);
await webSock.StartWebSocketClientAsync(uri, cancel);
return(webSock);
}
catch
{
targetSock.Dispose();
throw;
}
}
catch
{
tcpSock._DisposeSafe();
throw;
}
}